Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2016-0912

    EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 allows remote authenticated users to bypass intended password-change restrictions by leveraging access to (1) a different account with the same role as a target account or (2) an account's session at an un... Read more

    Affected Products : data_domain_os emc_data_domain_os
    • EPSS Score: %1.12
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 8.2

    HIGH
    CVE-2016-0911

    EMC Data Domain OS 5.4 through 5.7 before 5.7.2.0 has a default no_root_squash option for NFS exports, which makes it easier for remote attackers to obtain filesystem access by leveraging client root privileges.... Read more

    Affected Products : data_domain_os emc_data_domain_os
    • EPSS Score: %0.35
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 8.4

    HIGH
    CVE-2016-0392

    IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a c... Read more

    • EPSS Score: %0.06
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.3

    MEDIUM
    CVE-2015-7776

    Cybozu Garoon 3.x and 4.x before 4.2.0 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, a different vulnerability than CVE-2016-1196.... Read more

    Affected Products : garoon
    • EPSS Score: %0.56
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 4.4

    MEDIUM
    CVE-2015-7462

    IBM WebSphere MQ 8.0.0.4 on IBM i platforms allows local users to discover cleartext certificate-keystore passwords within MQ trace output by leveraging administrator privileges to execute the mqcertck program.... Read more

    Affected Products : websphere_mq
    • EPSS Score: %0.03
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1226

    Cross-site scripting (XSS) vulnerability in Trend Micro Internet Security 8 and 10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.... Read more

    Affected Products : internet_security
    • EPSS Score: %0.37
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-1225

    Trend Micro Internet Security 8 and 10 allows remote attackers to read arbitrary files via unspecified vectors.... Read more

    Affected Products : internet_security
    • EPSS Score: %0.75
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.1

    MEDIUM
    CVE-2016-1197

    Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.x before 4.2.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2015-7775.... Read more

    Affected Products : garoon
    • EPSS Score: %0.32
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 7.4

    HIGH
    CVE-2016-1195

    Open redirect vulnerability in Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL.... Read more

    Affected Products : garoon
    • EPSS Score: %0.27
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 5.4

    MEDIUM
    CVE-2015-7775

    Cross-site scripting (XSS) vulnerability in Cybozu Garoon 4.0.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2016-1197.... Read more

    Affected Products : garoon
    • EPSS Score: %0.22
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 5.3

    MEDIUM
    CVE-2016-4821

    I-O DATA DEVICE ETX-R devices allow remote attackers to cause a denial of service (web-server crash) via unspecified vectors.... Read more

    Affected Products : etx-r_firmware etx-r
    • EPSS Score: %0.50
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 8.8

    HIGH
    CVE-2016-4820

    Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE ETX-R devices allows remote attackers to hijack the authentication of arbitrary users.... Read more

    Affected Products : etx-r_firmware etx-r
    • EPSS Score: %0.13
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 9.8

    CRITICAL
    CVE-2016-4819

    The printfDx function in Takumi Yamada DX Library for Borland C++ 3.13f through 3.16b, DX Library for Gnu C++ 3.13f through 3.16b, and DX Library for Visual C++ 3.13f through 3.16b allows remote attackers to execute arbitrary code via a crafted string.... Read more

    Affected Products : dx_library
    • EPSS Score: %2.68
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4817

    lib/http2/connection.c in H2O before 1.7.3 and 2.x before 2.0.0-beta5 mishandles HTTP/2 disconnection, which allows remote attackers to cause a denial of service (use-after-free and application crash) or possibly execute arbitrary code via a crafted packe... Read more

    Affected Products : h2o h2o
    • EPSS Score: %7.96
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-4816

    BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices allow remote attackers to discover credentials and other sensitive information via unspecified vectors.... Read more

    • EPSS Score: %0.38
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4815

    Directory traversal vulnerability on BUFFALO WZR-600DHP3 devices with firmware 2.16 and earlier and WZR-S600DHP devices with firmware 2.16 and earlier allows remote attackers to read arbitrary files via unspecified vectors.... Read more

    • EPSS Score: %0.39
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 7.5

    HIGH
    CVE-2016-4814

    Directory traversal vulnerability in kml2jsonp.php in Geospatial Information Authority of Japan (aka GSI) Old_GSI_Maps before January 2015 on Windows allows remote attackers to read arbitrary files via unspecified vectors.... Read more

    Affected Products : old_gsi_maps
    • EPSS Score: %0.36
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 9.0

    HIGH
    CVE-2016-4813

    NetCommons 2.4.2.1 and earlier allows remote authenticated secretariat (aka CLERK) users to gain privileges by creating a SYSTEM_ADMIN account.... Read more

    Affected Products : netcommons
    • EPSS Score: %0.49
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 8.0

    HIGH
    CVE-2016-4371

    HPE Service Manager Software 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, and 9.41 allows remote authenticated users to obtain sensitive information, modify data, and conduct server-side request forgery (SSRF) attacks via unspecified vectors, related to the ... Read more

    • EPSS Score: %0.07
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025

  • 6.5

    MEDIUM
    CVE-2016-1424

    Cisco IOS 15.2(1)T1.11 and 15.2(2)TST allows remote attackers to cause a denial of service (device crash) via a crafted LLDP packet, aka Bug ID CSCun63132.... Read more

    Affected Products : ios
    • EPSS Score: %0.24
    • Published: Jun. 19, 2016
    • Modified: Apr. 12, 2025
Showing 20 of 291647 Results